Move OWASP scanner into scanner/ subdirectory + add workflow#72

Merged

ben-AI-cybersec merged 9 commits intoRedback-Operations:mainfrom

lperry022:feat/scanner

Sep 17, 2025

Contributor

lperry022 commented Sep 7, 2025

Moved scanner into scanner/ as requested
Added GitHub Actions workflow (.github/workflows/owasp-scanner.yml) to run scanner on PRs
Ignored venv


          Remove scanner/venv from repo and add to .gitignore

53e35e0

lperry022 requested review from a team as code owners

September 7, 2025 06:16

This comment was marked as outdated.

Sign in to view


          Add OWASP scanner code and workflow

e9dc69f

This comment was marked as outdated.

Sign in to view


          Remove scanner/tests folder

d03e785

This comment was marked as outdated.

Sign in to view


          Fix workflow: run scanner as module

cab8352

This comment was marked as outdated.

Sign in to view


          modifying imports in main

33b2783

This comment was marked as outdated.

Sign in to view


          Fix bash step: remove :: lines and run scanner as module

4badb7f

This comment was marked as outdated.

Sign in to view


          scanner: use package-relative imports (.core / ..core)

2d8ade3

This comment was marked as outdated.

Sign in to view


          workflow: skip when only scanner/** changes; exclude scanner from tar…

dbd1d68

…gets; run module form

This comment was marked as outdated.

Sign in to view


          chore: remove __pycache__ from PR and ignore Python bytecode

e42f36d

github-actions bot commented Sep 17, 2025

🔒 Security Scan Results

🔒 Security Scan Results
=========================

Bandit Scan Results:
-------------------
Run started:2025-09-17 08:55:24.939133

Test results:
	No issues identified.

Code scanned:
	Total lines of code: 1980
	Total lines skipped (#nosec): 0
	Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 1

Run metrics:
	Total issues (by severity):
		Undefined: 0
		Low: 13
		Medium: 0
		High: 0
	Total issues (by confidence):
		Undefined: 0
		Low: 0
		Medium: 0
		High: 13
Files skipped (1):
	./T1_2025/infra/backups/bak/controller/backend/v1.0.0/endpoints/register.py (syntax error while parsing AST from file)

✅ No critical security issues detected.

The code has passed all critical security checks.

ben-AI-cybersec approved these changes

View reviewed changes

Member

ben-AI-cybersec left a comment

lgtm

ben-AI-cybersec merged commit 0a4ea0e into Redback-Operations:main

2 checks passed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet